Compliance Policy

DNSFilter Security Operations Summary

DNSFilter’s Security Operations Program utilizes numerous initiatives to manage both operational information-security requirements and the risks of cyber threats and vulnerabilities. These initiatives protect not only our own information, but also the information of customers and partners stored in our systems. We have achieved SOC2 Type 1 certification, and are actively pursuing SOC2 Type 2 certification. 

dnsfilter is soc2 certified

Our Security Operations Program includes the following:

  • Comprehensive leadership supported by a policy framework and implementation of a company-wide, zero-trust environment in support of all DNSFilter products and internal IT systems.
  • Execution of a policy framework that allows for tracking, reporting, and responding to events in an efficient and timely manner.
  • Implementation of controls in the following areas:
    • Information Security Policies
    • Access Control
    • Data Governance
      • Data Classification, Encryption, Retention, and Destruction
    • Incident Management
    • Change Management
    • Asset Management
    • Vendor Management
    • Risk Management
      • Backup Management
      • Load Balancers
      • Failover Mechanisms
    • Security Management
      • Vulnerability Scanning
      • Penetration Testing
      • Patch Management
      • Secure Software Development Lifecycle
    • Incident Response Plan
      • Business Continuity
      • Data Breach Response
      • Disaster Readines

For questions on specific areas please contact your Account Executive.

dnsfilter is soc2 certified